option(
    'yocto-deps',
    type: 'feature',
    value: 'disabled',
    description: 'Use YOCTO dependencies system'
)

option(
    'kvm',
    type: 'feature',
    value: 'enabled',
    description: '''Enable the KVM host video WebSocket.  Path is /kvm/0.
                    Video is from the BMCs /dev/videodevice.'''
)

option(
    'tests',
    type: 'feature',
    value: 'enabled',
    description: 'Enable Unit tests for bmcweb'
)

option(
    'vm-websocket',
    type: 'feature',
    value: 'enabled',
    description: '''Enable the Virtual Media WebSocket. Path is /vm/0/0 to
                    open the websocket. See
                    https://github.com/openbmc/jsnbd/blob/master/README.'''
)

# if you use this option and are seeing this comment, please comment here:
# https://github.com/openbmc/bmcweb/issues/188 and put forward your intentions
# for this code.  At this point, no daemon has been upstreamed that implements
# this interface, so for the moment this appears to be dead code;  In leiu of
# removing it, it has been disabled to try to give those that use it the
# opportunity to upstream their backend implementation
#option(
#    'vm-nbdproxy',
#    type: 'feature', value: 'disabled',
#    description: 'Enable the Virtual Media WebSocket.'
#)

option(
    'rest',
    type: 'feature',
    value: 'disabled',
    description: '''Enable Phosphor REST (D-Bus) APIs. Paths directly map
                    Phosphor D-Bus object paths, for example,
                    /xyz/openbmc_project/logging/entry/enumerate. See
                    https://github.com/openbmc/docs/blob/master/rest-api.md.'''
)

option(
    'redfish',
    type: 'feature',
    value: 'enabled',
    description: '''Enable Redfish APIs.  Paths are under /redfish/v1/. See
                    https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#redfish.'''
)

option(
    'host-serial-socket',
    type: 'feature',
    value: 'enabled',
    description: '''Enable host serial console WebSocket. Path is /console0.
                    See https://github.com/openbmc/docs/blob/master/console.md.'''
)

option(
    'static-hosting',
    type: 'feature',
    value: 'enabled',
    description: '''Enable serving files from the /usr/share/www directory
                    as paths under /.'''
)

option(
    'redfish-bmc-journal',
    type: 'feature',
    value: 'enabled',
    description: '''Enable BMC journal access through Redfish. Paths are under
                    /redfish/v1/Managers/bmc/LogServices/Journal.'''
)

option(
    'redfish-cpu-log',
    type: 'feature',
    value: 'disabled',
    description: '''Enable CPU log service transactions through Redfish. Paths
                    are under /redfish/v1/Systems/system/LogServices/Crashdump'.'''
)

option(
    'redfish-dump-log',
    type: 'feature',
    value: 'disabled',
    description: '''Enable Dump log service transactions through Redfish. Paths
                   are under /redfish/v1/Systems/system/LogServices/Dump
                   and /redfish/v1/Managers/bmc/LogServices/Dump'''
)

option(
    'redfish-dbus-log',
    type: 'feature',
    value: 'disabled',
    description: '''Enable DBUS log service transactions through Redfish. Paths
                    are under
                    /redfish/v1/Systems/system/LogServices/EventLog/Entries'''
)

option(
    'redfish-host-logger',
    type: 'feature',
    value: 'enabled',
    description: '''Enable host log service transactions based on
                    phosphor-hostlogger through Redfish.  Paths are under
                    /redfish/v1/Systems/system/LogServices/HostLogger'''
)

option(
    'redfish-enable-proccessor-memory-status',
    type: 'feature',
    value: 'disabled',
    description: '''Enable/disable the deprecated processor and memory summary
                    status. The default condition is disabling the processor
                    and memory summary status. This option will be removed in
                    1Q 2024.'''
)

option(
    'redfish-provisioning-feature',
    type: 'feature',
    value: 'disabled',
    description: '''Enable provisioning feature support in redfish. Paths are
                    under /redfish/v1/Systems/system/'''
)

option(
    'bmcweb-logging',
    type: 'combo',
    choices : [ 'disabled', 'enabled', 'debug', 'info', 'warning', 'error', 'critical' ],
    value: 'disabled',
    description: '''Enable output the extended logging level.
                    - disabled: disable bmcweb log traces.
                    - enabled: treated as 'debug'
                    - For the other logging level option, see DEVELOPING.md.'''
)

option(
    'basic-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable basic authentication'
)

option(
    'session-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable session authentication'
)

option(
    'xtoken-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable xtoken authentication'
)

option(
    'cookie-auth',
    type: 'feature',
    value: 'enabled',
    description: 'Enable cookie authentication'
)

option(
    'mutual-tls-auth',
    type: 'feature',
    value: 'enabled',
    description: '''Enables authenticating users through TLS client
                    certificates. The insecure-disable-ssl must be disabled for
                    this option to take effect.'''
)

option(
    'mutual-tls-common-name-parsing',
    type: 'combo',
    choices: ['username', 'meta'],
    value: 'username',
    description: '''Sets logic to map the Subject Common Name field to a user
                    in client TLS certificates.
                    - username: Use the Subject CN field as a BMC username
                                (default)
                    - meta:     Parses the Subject CN in the format used by
                                Meta Inc (see mutual_tls_meta.cpp for details)
                    '''
)

option(
    'ibm-management-console',
    type: 'feature',
    value: 'disabled',
    description: '''Enable the IBM management console specific functionality.
                    Paths are under /ibm/v1/'''
)

option(
    'google-api',
    type: 'feature',
    value: 'disabled',
    description: '''Enable the Google specific functionality. Paths are under
                    /google/v1/'''
)

option(
    'http-body-limit',
    type: 'integer',
    min: 0,
    max: 512,
    value: 30,
    description: 'Specifies the http request body length limit'
)

option(
    'redfish-new-powersubsystem-thermalsubsystem',
    type: 'feature',
    value: 'disabled',
    description: '''Enable/disable the new PowerSubsystem, ThermalSubsystem,
                    and all children schemas. This includes displaying all
                    sensors in the SensorCollection. At a later date, this
                    feature will be defaulted to enabled.'''
)

option(
    'redfish-allow-deprecated-power-thermal',
    type: 'feature',
    value: 'enabled',
    description: '''Enable/disable the old Power / Thermal. The default
                    condition is allowing the old Power / Thermal.'''
)

option(
    'redfish-oem-manager-fan-data',
    type: 'feature',
    value: 'enabled',
    description: '''Enables Redfish OEM fan data on the manager resource.
                    This includes PID and Stepwise controller data. See
                    OemManager schema for more detail.'''
)

option(
    'redfish-health-populate',
    type: 'feature',
    value: 'disabled',
    description: '''Enables HealthPopulate and generate the Status property for
                    the resource. This option will be removed Q1 2024'''
)

option(
    'https_port',
    type: 'integer',
    min: 1,
    max: 65535,
    value: 443,
    description: 'HTTPS Port number.'
)

option(
    'dns-resolver',
    type: 'combo',
    choices: ['systemd-dbus', 'asio'],
    value: 'systemd-dbus',
    description: '''Sets which DNS resolver backend should be used.
    systemd-dbus uses the Systemd ResolveHostname on dbus, but requires dbus
    support.  asio relies on boost::asio::tcp::resolver, but cannot resolve
    names when boost threading is disabled.'''
)

option(
    'redfish-aggregation',
    type: 'feature',
    value: 'disabled',
    description: 'Allows this BMC to aggregate resources from satellite BMCs'
)

option(
    'experimental-redfish-multi-computer-system',
    type: 'feature',
    value: 'disabled',
    description: '''This is a temporary option flag for staging the
    ComputerSystemCollection transition to multi-host.  It, as well as the code
    still beneath it will be removed on 9/1/2023.  Do not enable in a
    production environment, or where API stability is required.'''
)

option(
    'experimental-http2',
    type: 'feature',
    value: 'disabled',
    description: '''Enable HTTP/2 protocol support using nghttp2.  Do not rely
                    on this option for any production systems.  It may have
                    behavior changes or be removed at any time.'''
)

# Insecure options. Every option that starts with a `insecure` flag should
# not be enabled by default for any platform, unless the author fully comprehends
# the implications of doing so.In general, enabling these options will cause security
# problems of varying degrees

option(
    'insecure-disable-csrf',
    type: 'feature',
    value: 'disabled',
    description: '''Disable CSRF prevention checks.Should be set to false for
                    production systems.'''
)

option(
    'insecure-disable-ssl',
    type: 'feature',
    value: 'disabled',
    description: '''Disable SSL ports. Should be set to false for production
                    systems.'''
)

option(
    'insecure-disable-auth',
    type: 'feature',
    value: 'disabled',
    description: '''Disable authentication and authoriztion on all ports.
                    Should be set to false for production systems.'''
)

option(
    'insecure-disable-xss',
    type: 'feature',
    value: 'disabled',
    description: 'Disable XSS preventions'
)

option(
    'insecure-tftp-update',
    type: 'feature',
    value: 'disabled',
    description: '''Enable TFTP based firmware update transactions through
                    Redfish UpdateService.   SimpleUpdate.'''
)

option(
    'insecure-ignore-content-type',
    type: 'feature',
    value: 'disabled',
    description: '''Allows parsing PUT/POST/PATCH content as JSON regardless
                    of the presence of the content-type header.  Enabling this
                    conflicts with the input parsing guidelines, but may be
                    required to support old clients that may not set the
                    Content-Type header on payloads.'''
)

option(
    'insecure-push-style-notification',
    type: 'feature',
    value: 'disabled',
    description: 'Enable HTTP push style eventing feature'
)

option(
    'insecure-enable-redfish-query',
    type: 'feature',
    value: 'disabled',
    description: '''Enables Redfish expand query parameter.  This feature is
                    experimental, and has not been tested against the full
                    limits of user-facing behavior.  It is not recommended to
                    enable on production systems at this time.  Other query
                    parameters such as only are not controlled by this option.'''
)
